General

  • Target

    15b535ed67a7dee08602d4511d247535_JaffaCakes118

  • Size

    2.8MB

  • MD5

    15b535ed67a7dee08602d4511d247535

  • SHA1

    50ba68cb094fa0d3eafceb7276e535b6d378f1cf

  • SHA256

    5e3ab919a0769b74ff01676b5a36a351655c95c97f295171e282974b4b5b81ef

  • SHA512

    e094a59d65ab1dbad69d8bebacc0c0545cd3abd8a69bda8afc29295a6111e69bc05827fc0b6d5c83a9b889dc67062f16c70c0c5e5767eea85f50c95b8c60151b

  • SSDEEP

    49152:szuEdIM3e96BPS1mk1sjIJnF7M758DVK3ZZEZN0o03pBm/qJhPgl7YcqldUWCKDF:TVZtmk1aIJnxq5kkmuo05Bm57YxO4sCT

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • 15b535ed67a7dee08602d4511d247535_JaffaCakes118
    .rar
  • VKPlu/hdl.wav
  • VKPlu/pe.dll
    .dll windows:4 windows x86 arch:x86
  • out.upx
    .dll windows:4 windows x86 arch:x86
  • VKPlu/spb.dll
    .dll windows:4 windows x86 arch:x86

    30d372ee2cc3f886bc5f65c6fbb6880b
  • VKPlu/vkbg.jpg
    .jpg
  • VKPlu/vkskin.she